diff --git a/apps/authentication/backends/base.py b/apps/authentication/backends/base.py index 84cdeab27..351f9edc1 100644 --- a/apps/authentication/backends/base.py +++ b/apps/authentication/backends/base.py @@ -52,6 +52,8 @@ class JMSBaseAuthBackend: logger.debug(info) return allow +from redis_lock.django_cache import RedisCache +from redis import StrictRedis class JMSModelBackend(JMSBaseAuthBackend, ModelBackend): pass diff --git a/apps/authentication/templates/authentication/login.html b/apps/authentication/templates/authentication/login.html index 823f22201..e5e4a7a4e 100644 --- a/apps/authentication/templates/authentication/login.html +++ b/apps/authentication/templates/authentication/login.html @@ -87,11 +87,11 @@ } .jms-title { - padding: 40px 10px 10px; + padding: 60px 10px 10px 60px; } .no-captcha-challenge .jms-title { - padding: 60px 10px 10px; + padding: 60px 10px 10px 60px; } .no-captcha-challenge .welcome-message { @@ -125,15 +125,27 @@ font-weight: 350 !important; min-height: auto !important; } + + .right-image { + height: 100%; + width: 100% + } + + .jms-title { + font-size: 21px; + font-weight:400; + color: #151515; + letter-spacing: 0; + text-align: left; + } -
- - + + screen-image
@@ -142,26 +154,23 @@
    • - {{ JMS_TITLE }} + {% trans 'Login' %}
    -
    {% csrf_token %}
    @@ -177,7 +186,6 @@
    {% bootstrap_field form.username show_label=False %} -
    diff --git a/apps/authentication/views/login.py b/apps/authentication/views/login.py index ae32b14ab..226a12b99 100644 --- a/apps/authentication/views/login.py +++ b/apps/authentication/views/login.py @@ -10,8 +10,7 @@ from django.contrib.auth import login as auth_login, logout as auth_logout from django.http import HttpResponse from django.shortcuts import reverse, redirect from django.utils.decorators import method_decorator -from django.db import transaction -from django.utils.translation import ugettext as _ +from django.utils.translation import ugettext as _, get_language from django.views.decorators.cache import never_cache from django.views.decorators.csrf import csrf_protect from django.views.decorators.debug import sensitive_post_parameters @@ -181,6 +180,29 @@ class UserLoginView(mixins.AuthMixin, FormView): ] return [method for method in auth_methods if method['enabled']] + @staticmethod + def get_support_langs(): + langs = [ + { + 'title': '中文(简体)', + 'code': 'zh-hans' + }, + { + 'title': 'English', + 'code': 'en' + }, + { + 'title': '日本語', + 'code': 'ja' + } + ] + return langs + + def get_current_lang(self): + langs = self.get_support_langs() + matched_lang = filter(lambda x: x['code'] == get_language(), langs) + return next(matched_lang, langs[0]) + @staticmethod def get_forgot_password_url(): forgot_password_url = reverse('authentication:forgot-password') @@ -191,6 +213,8 @@ class UserLoginView(mixins.AuthMixin, FormView): context = { 'demo_mode': os.environ.get("DEMO_MODE"), 'auth_methods': self.get_support_auth_methods(), + 'langs': self.get_support_langs(), + 'current_lang': self.get_current_lang(), 'forgot_password_url': self.get_forgot_password_url(), **self.get_user_mfa_context(self.request.user) } diff --git a/apps/common/utils/encode.py b/apps/common/utils/encode.py index 4178e4a0d..72600ff08 100644 --- a/apps/common/utils/encode.py +++ b/apps/common/utils/encode.py @@ -13,6 +13,7 @@ from itertools import chain import paramiko import sshpubkeys from itsdangerous import ( + TimedSerializer, TimedJSONWebSignatureSerializer, JSONWebSignatureSerializer, BadSignature, SignatureExpired ) diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py index c1baf2882..ff42eda4b 100644 --- a/apps/jumpserver/settings/base.py +++ b/apps/jumpserver/settings/base.py @@ -148,19 +148,8 @@ SESSION_EXPIRE_AT_BROWSER_CLOSE = True # 自定义的配置,SESSION_EXPIRE_AT_BROWSER_CLOSE 始终为 True, 下面这个来控制是否强制关闭后过期 cookie SESSION_EXPIRE_AT_BROWSER_CLOSE_FORCE = CONFIG.SESSION_EXPIRE_AT_BROWSER_CLOSE_FORCE SESSION_SAVE_EVERY_REQUEST = CONFIG.SESSION_SAVE_EVERY_REQUEST -SESSION_ENGINE = 'jumpserver.rewriting.session' -SESSION_REDIS = { - 'url': '%(protocol)s://:%(password)s@%(host)s:%(port)s/%(db)s' % { - 'protocol': 'rediss' if CONFIG.REDIS_USE_SSL else 'redis', - 'password': CONFIG.REDIS_PASSWORD, - 'host': CONFIG.REDIS_HOST, - 'port': CONFIG.REDIS_PORT, - 'db': CONFIG.REDIS_DB_CACHE, - }, - 'prefix': 'auth_session', - 'socket_timeout': 1, - 'retry_on_timeout': False -} +SESSION_ENGINE = "django.contrib.sessions.backends.cache" +SESSION_CACHE_ALIAS = "default" MESSAGE_STORAGE = 'django.contrib.messages.storage.cookie.CookieStorage' # Database @@ -283,7 +272,6 @@ REDIS_SSL_REQUIRED = CONFIG.REDIS_SSL_REQUIRED or 'none' CACHES = { 'default': { - # 'BACKEND': 'redis_cache.RedisCache', 'BACKEND': 'redis_lock.django_cache.RedisCache', 'LOCATION': '%(protocol)s://:%(password)s@%(host)s:%(port)s/%(db)s' % { 'protocol': 'rediss' if CONFIG.REDIS_USE_SSL else 'redis', diff --git a/apps/jumpserver/settings/libs.py b/apps/jumpserver/settings/libs.py index c67c21f0b..e5a5e90e5 100644 --- a/apps/jumpserver/settings/libs.py +++ b/apps/jumpserver/settings/libs.py @@ -153,3 +153,5 @@ ANSIBLE_LOG_DIR = os.path.join(PROJECT_DIR, 'data', 'ansible') REDIS_HOST = CONFIG.REDIS_HOST REDIS_PORT = CONFIG.REDIS_PORT REDIS_PASSWORD = CONFIG.REDIS_PASSWORD + +DJANGO_REDIS_SCAN_ITERSIZE = 1000 diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 1dd12283b..b79cd370e 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -3,9 +3,9 @@ ansible==2.10.7 asn1crypto==0.24.0 bcrypt==3.1.4 billiard==3.6.4.0 -boto3==1.18.11 -botocore==1.21.11 -celery==5.2.2 +boto3==1.24.12 +botocore==1.27.12 +celery==5.2.7 certifi==2018.1.18 cffi==1.13.2 chardet==3.0.4 @@ -17,117 +17,118 @@ decorator==4.1.2 Django==3.1.14 django-auth-ldap==2.2.0 django-bootstrap3==14.2.0 -django-celery-beat==2.2.1 +django-celery-beat==2.3.0 django-filter==2.4.0 django-formtools==2.2 django-ranged-response==0.2.0 django-rest-swagger==2.2.0 -django-simple-captcha==0.5.13 -django-timezone-field==4.1.0 -djangorestframework==3.12.2 +django-simple-captcha==0.5.17 +django-timezone-field==5.0 +djangorestframework==3.13.1 djangorestframework-bulk==0.2.1 docutils==0.14 ecdsa==0.13.3 enum-compat==0.0.2 ephem==3.7.6.0 -eventlet==0.31.1 +eventlet==0.33.1 future==0.16.0 ForgeryPy3==0.3.1 -greenlet==0.4.14 -gunicorn==19.9.0 +greenlet==1.1.2 +gunicorn==20.1.0 idna==2.6 -itsdangerous==0.24 -itypes==1.1.0 -Jinja2==2.11.3 -jmespath==0.9.3 -kombu==5.2.2 -ldap3==2.4 -MarkupSafe==1.1.1 -mysqlclient==2.0.1 -olefile==0.44 +itsdangerous==1.1.0 +itypes==1.2.0 +Jinja2==3.1.2 +jmespath==1.0.1 +kombu==5.2.4 +ldap3==2.9.1 +MarkupSafe==2.1.1 +mysqlclient==2.1.0 +olefile==0.46 openapi-codec==1.3.2 -paramiko==2.10.1 -passlib==1.7.1 -Pillow==9.0.1 +paramiko==2.11.0 +passlib==1.7.4 +Pillow==9.1.1 pyasn1==0.4.8 -pycparser==2.19 -pycryptodome==3.12.0 -pycryptodomex==3.12.0 -pyotp==2.2.6 +pycparser==2.21 +pycryptodome==3.14.1 +pycryptodomex==3.14.1 +pyotp==2.6.0 PyNaCl==1.5.0 python-dateutil==2.8.2 -pytz==2018.3 +pytz==2022.1 PyYAML==6.0 -redis==4.3.1 -requests==2.25.1 -jms-storage==0.0.42 -s3transfer==0.5.0 -simplejson==3.13.2 -six==1.11.0 -sshpubkeys==3.1.0 -uritemplate==3.0.0 -urllib3==1.26.5 +redis==4.3.3 +requests==2.28.0 +# jms-storage==0.0.42 +s3transfer==0.6.0 +simplejson==3.17.6 +six==1.16.0 +sshpubkeys==3.3.1 +uritemplate==4.1.1 +urllib3==1.26.9 vine==5.0.0 drf-yasg==1.20.0 -Werkzeug==0.15.3 -drf-nested-routers==0.91 -aliyun-python-sdk-core-v3==2.9.1 -aliyun-python-sdk-ecs==4.10.1 +Werkzeug==2.1.2 +drf-nested-routers==0.93.4 rest_condition==1.0.3 python-ldap==3.4.0 -tencentcloud-sdk-python==3.0.477 -django-radius==1.4.0 -django-redis-sessions==0.6.1 +django-radius==1.5.0 unicodecsv==0.14.1 -python-daemon==2.2.3 +python-daemon==2.3.0 httpsig==1.3.0 -treelib==1.5.3 +treelib==1.6.1 django-proxy==1.2.1 flower==1.0.0 -channels-redis==3.2.0 -channels==2.4.0 -daphne==2.4.1 -psutil==5.6.6 +channels-redis==3.4.0 +channels==3.0.4 +daphne==3.0.2 +psutil==5.9.1 django-cas-ng==4.0.1 python-cas==1.5.0 ipython -huaweicloud-sdk-python==1.0.21 -django-redis==4.11.0 +django-redis==5.2.0 python-redis-lock==3.7.0 jumpserver-django-oidc-rp==0.3.7.8 django-mysql==3.9.0 gmssl==3.2.1 -azure-mgmt-compute==4.6.2 -azure-mgmt-network==2.7.0 msrestazure==0.6.4 adal==1.2.5 -openpyxl==3.0.5 -pyexcel==0.6.6 +openpyxl==3.0.10 +pyexcel==0.7.0 pyexcel-xlsx==0.6.0 data-tree==0.0.1 pyvmomi==7.0.1 termcolor==1.1.0 -azure-identity==1.5.0 -azure-mgmt-subscription==1.0.0 -qingcloud-sdk==1.2.12 -django-simple-history==3.0.0 -google-cloud-compute==0.5.0 -PyMySQL==1.0.2 -cx-Oracle==8.2.1 -psycopg2-binary==2.9.1 -alibabacloud_dysmsapi20170525==2.0.2 -geoip2==4.4.0 +django-simple-history==3.1.1 +geoip2==4.5.0 html2text==2020.1.16 -python-novaclient==11.0.1 pyzipper==0.3.5 python3-saml==1.12.0 -python-keystoneclient==4.3.0 -pymssql==2.1.5 kubernetes==21.7.0 websocket-client==1.2.3 numpy==1.22.0 pandas==1.3.5 pyjwkest==1.4.2 jsonfield2==4.0.0.post0 -bce-python-sdk==0.8.64 ipip-ipdb==1.6.1 +# Cloud req +qingcloud-sdk==1.2.12 +azure-mgmt-subscription==1.0.0 +azure-identity==1.5.0 +azure-mgmt-compute==4.6.2 +azure-mgmt-network==2.7.0 +google-cloud-compute==0.5.0 +alibabacloud_dysmsapi20170525==2.0.2 +python-novaclient==11.0.1 +python-keystoneclient==4.3.0 +bce-python-sdk==0.8.64 +tencentcloud-sdk-python==3.0.477 +aliyun-python-sdk-core-v3==2.9.1 +aliyun-python-sdk-ecs==4.10.1 +huaweicloud-sdk-python==1.0.21 +# DB requirements +PyMySQL==1.0.2 +cx-Oracle==8.2.1 +psycopg2-binary==2.9.1 +pymssql==2.1.5